CVE-2017-17124

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29.1

Description: The issue is related to the bfd coff read string table function in the coffgen.c component of GNU Binutils, which is associated with a buffer overflow in memory. This can be exploited by a remote attacker to access confidential data, compromise data integrity, and cause a denial of service. The vulnerability arises from the function's failure to properly validate the size of the external string table, allowing remote attackers to cause excessive memory consumption, a heap-based buffer overflow, or an application crash via a crafted COFF binary.

Recommendations: For GNU Binutils version 2.29.1, consider disabling the bfd coff read string table function as a temporary workaround until a patch is available. Restrict access to the coffgen.c component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.